Gartner® analysis of the attack surface landscape.

A comprehensive overview of ASM technologies.

Cortex Xpanse Named an Overall Leader

2023 KuppingerCole Leadership Compass Report for Attack Surface Management

2023 Unit 42 Attack Surface Threat Report

Learn from the latest global observations.

Take control of your ever-changing and expanding cloud attack surface

Secure your cloud transformation. Discover, evaluate, and mitigate any cloud asset security risks with a constantly updating asset inventory.


As organizations move to the cloud, new assets will be generated among different providers and services – far outside of security controls. Keeping track of everything with traditional manual processes and spreadsheets won’t work.

  • Unknown attack surface

    50% of organizations have been attacked on unknown or unmanaged assets and 19% more expect to, according to MIT Tech Review Insights.

  • Catch unauthorized cloud assets

    Anyone with a credit card can create a new cloud instance without going through standard procedures. Just one misconfiguration could mean compromise.

  • A cloud of risks

    Risks come from vulnerable software, misconfigurations, exposed cloud assets, and expired certificates. Constant monitoring keeps exposures visible.


Monitor an ever-changing cloud landscape

Learn more

The Cortex Xpanse Solution

Most Trusted External Attack Surface Management

Cortex Xpanse protects organizations by discovering risks on the internet that no one else can find. Even cloud assets that were created outside of security controls or through misconfigurations are continuously monitored, so you stay in the know.
  • Build and maintain an internet asset system of record
  • Continuously monitor for exposure changes
  • Identify new cloud assets, changes, and attribute ownership
  • Find everything you own
    Find everything you own
  • A single source of truth
    A single source of truth
  • Extend to suppliers/third parties
    Extend to suppliers/third parties
  • Automated attribution
    Automated attribution
  • Automated remediation
    Automated remediation

Cloud Attack Surface Management

Continuous cloud asset discovery and monitoring

Cortex Xpanse scans all IPv4 space several times per day to uncover all your internet-connected assets. It monitors changes to cloud assets that may put them at risk, even if those assets were unknown to you.

  • Reduce RDP Exposure

    A full inventory of assets ensures that all unknown assets are under control and unnecessary assets are decommissioned, reducing your attack surface.

  • Track inventory faster than adversaries can find weaknesses

    Shut down RDP exposures before they can become attack vectors for ransomware.

Continuous cloud asset discovery and monitoring

Making Stakeholders Responsible

Xpanse automatically attributes cloud assets to the owners that created them, allowing security leads to mitigate all exposed assets.

  • Automatic attribution

    Cortex Xpanse automatically discovers the owner of an internet-connected asset, even if it doesn’t belong to you. This allows stakeholders within your organization or third party to be notified.

  • Automate remediation

    Cortex Xpanse combined with XSOAR automation playbooks allows automatic routing of newly discovered assets or exposures to the relevant stakeholder for remediation.

Making Stakeholders Responsible

Build an integrated attack surface program

Integrate ASM findings into security workflows to secure unknown and unmanaged risks. This can be achieved through integration of Cortex Xpanse, Cortex XSOAR, Prisma Cloud, and our broader portfolio.

  • Cortex Xpanse + Prisma Cloud

    Discover all your unsanctioned and unmanaged cloud assets and services with Cortex Xpanse while securing your unmanaged cloud with Prisma Cloud.

  • Cortex Xpanse + XSOAR

    Automate routing of exposure notifications and remediation of your unknown risks using Xpanse and XSOAR playbooks.

Build an integrated attack surface program

Cloud footprints were responsible for 79% of the most critical security issues.

The speed and nature of cloud computing drive risk in modern infrastructure. Cloud environments have quickly grown as enterprises transitioned to remote workforces.

cloud computing

Increasing cloud complexity

The average company uses five different cloud service providers and generates 3.5 new cloud instances per day, about 20 per week. Organizations need to continuously monitor their attack surfaces for new assets and changes to existing assets.

Increasing cloud complexity

Discover, evaluate and mitigate attack surface risks

XPANSE Dashboard
  • Expander - An attacker view of your attack surface

  • Link - Find risks from third-party and acquired companies

  • Assess - Get a point-in-time snapshot of your attack surface